topbanner_forum
  *

avatar image

Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
  • Thursday March 28, 2024, 10:33 am
  • Proudly celebrating 15+ years online.
  • Donate now to become a lifetime supporting member of the site and get a non-expiring license key for all of our programs.
  • donate

Author Topic: Apache security quides?  (Read 3432 times)

justice

  • Supporting Member
  • Joined in 2006
  • **
  • Posts: 1,898
    • View Profile
    • Donate to Member
Apache security quides?
« on: July 15, 2008, 03:08 AM »
Hi I've got a work related favor to ask of you. We've used IIS for years now and are quite confident with it, but now have had to setup a LAMP (debian) based system. The web application is running alright but as it is open to the outside world we'll need to strengthen the security. I'm told it is quite hard to find good guides on this as they all assume more Apache experience than what we have, and knowledge is fragmented.    :mad: Do you know of some clear Apache guides to make it more secure? More general linux guides are also welcome.

f0dder

  • Charter Honorary Member
  • Joined in 2005
  • ***
  • Posts: 9,153
  • [Well, THAT escalated quickly!]
    • View Profile
    • f0dder's place
    • Read more about this member.
    • Donate to Member
Re: Apache security quides?
« Reply #1 on: July 15, 2008, 05:56 AM »
Is the server behind NAT, or with a globally visible IP? In both cases (but especially the last!), you'll want to set up some firewalling on the box. Dunno about security for Apache per se, unless you're talking .htaccess.

The worst security holes are going to be in the web-app, anyway... there's so much vulnerable PHP code out there >_<
- carpe noctem